Bugtraq mailing list archives

Re: denial of service attack possible


From: avalon () coombs anu edu au (Darren Reed)
Date: Sun, 29 Oct 1995 17:50:22 +1100


In some mail from Nathan Lawson, sie said:
[...]
> This doesn't address direct d.o.s. attacks, though.  I think that Solaris's
> tcp_eager_listeners option could be used to allow your application to process
> connection requests before the complete 3-way handshake.  Other than that,
> it's up to you whether you want to violate RFC's and perhaps break other things
> by dropping connection requests from the queue faster or limiting the number
> of requests from one machine.

I think that Linux also implements TCP in a similar way - I've seen and made
inetd on Linux return half-open connections that were closed before anything
got to run (tcp wrappers, etc).  Looks very strange in logs.

darren


